MikroTik

Community discussions
https://forum.mikrotik.com/

Mikrotik HEX and OpenVPN

https://forum.mikrotik.com/viewtopic.php?t=104032

Page 1 of 1

Mikrotik HEX and OpenVPN

Posted: Wed Jan 20, 2016 11:12 am
by Peque
Hi Forum
Just playing around with the new Mikrotik HEX Router.
Trying to establish a OpenVPN connection to this following the guide from here http://wiki.mikrotik.com/wiki/OpenVPN
Selfcreated Certificates from easy-rsa

Uploaded the Certificate to Router and to Client - And when trying to establish a connection I'm getting this:
Code: Select all
In the terminal
echo: ovpn,debug,error,,,,,,,,,l2tp,info,,debug,,,critical,,,,,,,,,,,,,error duplicate packet, dropping
I cannot see anything else - and the logfile gives me the same error - What can this be ?

From My VPN client I'm getting this:
Code: Select all
Wed Jan 20 10:19:27 2016 TCP connection established with [AF_INET]12.34.56.78:1194
Wed Jan 20 10:19:27 2016 TCPv4_CLIENT link local: [undef]
Wed Jan 20 10:19:27 2016 TCPv4_CLIENT link remote: [AF_INET]12.34.56.78:1194
Wed Jan 20 10:19:27 2016 TLS: Initial packet from [AF_INET]12.34.56.78:1194, sid=090b21d9 15ab5ced
Wed Jan 20 10:19:27 2016 Connection reset, restarting [0]
Wed Jan 20 10:19:27 2016 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jan 20 10:19:27 2016 Restart pause, 5 second(s)
Wed Jan 20 10:19:32 2016 Socket Buffers: R=[65536->65536] S=[64512->64512]
Wed Jan 20 10:19:32 2016 Attempting to establish TCP connection with [AF_INET]12.34.56.78:1194 [nonblock]

Re: Mikrotik HEX and OpenVPN

Posted: Fri Feb 05, 2016 12:13 am
by Dragoon
Seeing the level of support offered here for the very same thing I am currently looking at routers for -- openVPN -- I will unfortunately be going with another brand.

Re: Mikrotik HEX and OpenVPN

Posted: Wed Feb 08, 2017 6:26 am
by stevewalsh
I think the duplicate packet error message is a red herring in this issue

Having just spent a morning fighting this issue myself, I found the answer buried deep in another post on this forum.

The chances are pretty good that you haven't specified a suitable cipher in your config file, which means the client defaults to 'none'. I found by adding "cipher AES-256-CBC" to my openvpn config file meant that I could connect straight away.

You can see what ciphers are enabled on your openvpn session by going to 'ppp' and clicking on the 'ovpn-server' button across the top. the list of cipher names for the config file can be found at https://openvpn.net/index.php/access-se ... erver.html
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/